Fox-IT and US Security Company CrowdStrike, in collaboration with the FBI, demystify GameOver Zeus
Global cybersecurity leader Fox-IT and U.S. security company CrowdStrike, in collaboration with the FBI, presented their joint research on GameOver Zeus at the Black Hat conference in Las Vegas on August 5, 2015. GameOver Zeus is considered by many to be the most successful cybercrime group to date. In a joint investigation over multiple years, the FBI, with the help of Fox-IT’s InTELL team and others, has taken down a vital part of the botnet and rendered GameOver Zeus ineffective. The results of the research are described in the whitepaper ‘GameOver Zeus – Backgrounds on the Badguys and the Backends’.
Some of the new facts include:
- In addition to bank robbery, credential stealing and ransomware, the GameOver Zeus gang engaged in espionage across Eastern European countries.
- The GameOver botnet sizes averaged 200,000 nodes in total.
- The gang stole 20 to 30 terabytes of data over time, as well as an estimated $100 million of banking funds.
- The GameOver Zeus gang called themselves the ‘businessclub’ and totaled more than 50 criminal actors.
- Evgeniy ‘Slavik’ Bogachev was not the sole leader of this ‘businessclub’.